search

xmidt-org / caduceus

The Xmidt server for delivering events written in Go.
Apache License 2.0
16 stars 21 forks source link

feat(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 #464

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps github.com/prometheus/client_golang from 1.18.0 to 1.19.0.

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.0

What's Changed

The module prometheus/common v0.48.0 introduced a bug when used together with client_golang. If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427

New Contributors

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.19.0 / 2023-02-27

The module prometheus/common v0.48.0 introduced a bug when used together with client_golang. If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427
Commits
  • 77d4003 Add 1.19.0 changelog (#1451)
  • 14259fa Merge pull request #1448 from ywwg/owilliams/content-negotiation
  • 6d03920 deps: bump prometheus/common version
  • 353395b Remove support for go 1.19 (#1449)
  • 9dd5d2a Merge pull request #1445 from kavu/add_go122_metrics_test
  • c906a5e Add support for Go 1.22
  • 7ac9036 Merge pull request #1440 from prometheus/dependabot/github_actions/github-act...
  • 8c7e30f Merge pull request #1441 from prometheus/dependabot/go_modules/tutorial/whats...
  • 08769f8 Bump github.com/prometheus/common in /tutorial/whatsup
  • 83d5940 Bump the github-actions group with 2 updates
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 4 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 65.67%. Comparing base (9a92906) to head (f2d6a6a).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #464 +/- ## ======================================= Coverage 65.67% 65.67% ======================================= Files 10 10 Lines 1343 1343 ======================================= Hits 882 882 Misses 420 420 Partials 41 41 ``` | [Flag](https://app.codecov.io/gh/xmidt-org/caduceus/pull/464/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/xmidt-org/caduceus/pull/464/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org) | `65.67% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

guardrails[bot] commented 4 months ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity | Details :-: | :-- N/A | [pkg:golang/github.com/prometheus/client_golang@v1.16.0](https://github.com/xmidt-org/caduceus/blob/f2d6a6ab7ba3b47d96005f041a9dca0b0e7930cd/go.mod#L11) - **no patch available** More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.